FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
mbenvenuti
Staff
Article Id 308926
Description This article describes how to extend CMDB backup history.
Scope FortiSIEM.
Solution

Currently, FortiSIEM performs a CMDB backup twice a day: the first at 3AM and the second at 1PM. Because the backup is saved at /data/archive/cmdb/ by default, only the very last backup remains available. It can be useful to save these backups frequently to keep a longer backup history. To do this:

 

  1. Add an empty 200GB disk to the FortiSIEM from the VM Platform or using a USB disk on a hardware machine.
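  2. Locate the new disk and format it with the preferred filesystem. The commands below use /dev/sdf and XFS; confirm the device name in the fdisk output first, because mkfs.xfs -f overwrites any existing filesystem on that device.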

fdisk -l


mkfs.xfs -f /dev/sdf

 

  3. Mount the disk:

mkdir /backup_history

echo "/dev/sdf /backup_history xfs defaults 0 0" >> /etc/fstab

systemctl daemon-reload

mount /backup_history

 

  4. Load the script. Copy the cmdb_backup_hist.sh script to /backup_history using WinSCP and set the permissions accordingly:

chmod +x /backup_history/cmdb_backup_hist.sh

 

  5. Schedule the script to run once every day at 4AM:


echo "0 4 * * * root /backup_history/cmdb_backup_hist.sh &> /dev/null" > /etc/cron.d/cmdb_backup

 

CMDB backups will be stored in /backup_history/.

https://crontab.guru/ can help with defining schedules.

Check that execution was successful with the 'journalctl -u crond.service' command.
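
A sketch of what a history script for step 4 could look like, as an added example: it is not the cmdb_backup_hist.sh referenced by this article, whose contents are not shown on the page. The function names, the manifest file name and the 30-snapshot retention are assumptions.

```shell
#!/bin/bash
# Added example: NOT Fortinet's cmdb_backup_hist.sh. Function names, the
# manifest name and the retention count are assumptions for illustration.
umask 077                 # backups are sensitive config data: root-only copies
MANIFEST=.history.sha256  # hypothetical per-snapshot checksum file

# snapshot_cmdb SRC DST KEEP [STAMP] -> prints the new snapshot directory
snapshot_cmdb() {
    local src="$1" dst="$2" keep="$3" stamp snap tmp
    # Refuse to run when the history directory is missing or SRC is empty.
    [ -d "$dst" ] && [ -n "$(ls -A "$src" 2>/dev/null)" ] || return 1
    stamp="${4:-$(date +%Y%m%d_%H%M%S)}"   # optional fixed stamp, used in tests
    snap="$dst/cmdb_$stamp"
    tmp="$snap.partial"
    [ ! -e "$snap" ] || return 1           # never overwrite an existing snapshot
    rm -rf "$tmp"
    mkdir "$tmp" || return 1
    cp -a "$src"/. "$tmp"/ || { rm -rf "$tmp"; return 1; }
    # Record checksums so corruption is detectable before a restore.
    ( cd "$tmp" && find . -type f ! -name "$MANIFEST" -exec sha256sum {} + \
        > "$MANIFEST" ) || return 1
    mv "$tmp" "$snap" || return 1          # publish only a complete copy
    # Retention: names sort chronologically, so drop all but the KEEP newest.
    ls -1d "$dst"/cmdb_[0-9]* 2>/dev/null | grep -v '\.partial$' | sort |
        head -n -"$keep" | while read -r old; do rm -rf "$old"; done
    echo "$snap"
}

# verify_snapshot DIR -> exit status 0 if every file matches its recorded hash
verify_snapshot() {
    ( cd "$1" && sha256sum --quiet -c "$MANIFEST" ) >/dev/null 2>&1
}

# Only write when the dedicated disk is really mounted, so a failed mount
# cannot silently fill the root filesystem.
if mountpoint -q /backup_history 2>/dev/null; then
    snapshot_cmdb /data/archive/cmdb /backup_history 30 >/dev/null
fi
```

Run verify_snapshot on a snapshot directory before restoring from it.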
